Page 1474 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1474

Password Attacks


               One of the simplest techniques attackers use to gain illegitimate access
               to a system is to learn the username and password of an authorized
               system user. Once they’ve gained access as a regular user, they have a

               foothold into the system. At that point, they can use other techniques,
               including automated rootkit packages, to gain increased levels of
               access to the system (see the section “Escalation of Privilege and
               Rootkits” later in this chapter). They may also use the compromised
               system as a jumping-off point for attacks on other, more attractive

               targets on the same network.
               The following sections examine three methods attackers use to learn

               the passwords of legitimate users and access a system: password-
               guessing attacks, dictionary attacks, and social-engineering attacks.
               Many of these attacks rely on weak password storage mechanisms. For
               example, a website might store message digest 5 (MD5) hashes of
               passwords in a single file. If an attacker is able to manipulate the web

               server software or operating system to obtain a copy of the file, they
               could use it to conduct an attack.


               Password Guessing

               In the most basic type of password attack, attackers simply attempt to
               guess a user’s password. No matter how much security education users

               receive, they often use extremely weak passwords. If attackers are able
               to obtain a list of authorized system users, they can often quickly
               figure out the correct usernames. (On most networks, usernames
               consist of the first initial of the user’s first name followed by a portion
               of their last name.) With this information, they can begin making
               some educated guesses about the user’s password. The most
               commonly used password is some form of the user’s last name, first

               name, or username. For example, the user mchapple might use the
               weak password elppahcm because it’s easy to remember.
               Unfortunately, it’s also easy to guess.

               If that attempt fails, attackers turn to widely available lists of the most
   1469   1470   1471   1472   1473   1474   1475   1476   1477   1478   1479